11 Feb
2001
11 Feb
'01
21:09
* Lenz Grimmer wrote on Sun, Feb 11, 2001 at 21:30 +0100:
On Sun, Feb 11, Steffen Dettmer wrote:
Are the packages signed? Otherwise this looks like a nice security hole here, since some DNS Spoofing or similar would allow an attacker to send trojaned RPMs.
Yes, the RPMs are signed and YaST2 will verify the signature.
Oh, that's great. Are other update packages signed too? By GPG? I have to get the key, I assume it's avaiable via HTTPS? oki, Steffen -- Dieses Schreiben wurde maschinell erstellt, es trägt daher weder Unterschrift noch Siegel.